<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta content="Cask Data, Inc." name="author" />
<meta content="Copyright © 2014-2017 Cask Data, Inc." name="copyright" />


    <meta name="git_release" content="6.1.1">
    <meta name="git_hash" content="05fbac36f9f7aadeb44f5728cea35136dbc243e5">
    <meta name="git_timestamp" content="2020-02-09 08:22:47 +0800">
    <title>System Requirements</title>

    <link rel="stylesheet" href="_static/cdap-bootstrap.css" type="text/css" />
    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
    <link rel="stylesheet" href="_static/bootstrap-3.3.6/css/bootstrap.min.css" type="text/css" />
    <link rel="stylesheet" href="_static/bootstrap-3.3.6/css/bootstrap-theme.min.css" type="text/css" />
    <link rel="stylesheet" href="_static/css/bootstrap-sphinx.css" type="text/css" />
    <link rel="stylesheet" href="_static/css/cdap-dynamicscrollspy-4.css" type="text/css" />
    <link rel="stylesheet" href="_static/css/jquery.mCustomScrollbar.css" type="text/css" />
    <link rel="stylesheet" href="_static/css/cdap-jquery.mCustomScrollbar.css" type="text/css" />
    <link rel="stylesheet" href="_static/css/abixTreeList-2.css" type="text/css" />
    <link rel="stylesheet" href="_static/cdap-bootstrap.css" type="text/css" />

    <script type="text/javascript">
      var DOCUMENTATION_OPTIONS = {
        URL_ROOT:    '',
        VERSION:     '6.1.1',
        COLLAPSE_INDEX: false,
        FILE_SUFFIX: '.html',
        HAS_SOURCE:  false
      };
    </script>
    <script type="text/javascript" src="_static/jquery.js"></script>
    <script type="text/javascript" src="_static/underscore.js"></script>
    <script type="text/javascript" src="_static/doctools.js"></script>
    <script type="text/javascript" src="_static/language_data.js"></script>

    <link rel="shortcut icon" href="_static/favicon.ico"/>
    <link rel="index" title="Index" href="genindex.html" />
    <link rel="search" title="Search" href="search.html" />
    <link rel="top" title="Cask Data Application Platform 6.1.1 Documentation" href="index.html" />
    <link rel="next" title="Installation" href="installation/index.html" />
    <link rel="prev" title="CDAP and Hadoop Compatibility" href="cdap-hadoop-compatibility.html" />
    <!-- block extrahead -->
    <meta charset='utf-8'>
    <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
    <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
    <meta name="apple-mobile-web-app-capable" content="yes">
    <!-- block extrahead end -->

</head>
<body role="document">

<!-- block navbar -->
<div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top">
    <div class="container-fluid">
      <div class="row">
        <div class="navbar-header">
          <!-- .btn-navbar is used as the toggle for collapsed navbar content -->
          <a class="navbar-brand" href="table-of-contents/../../index.html">
            <span><img alt="CDAP logo" src="_static/cdap_logo.svg"/></span>
          </a>

          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
          </button>

          <div class="pull-right">
            <div class="dropdown version-dropdown">
              <a href="#" class="dropdown-toggle" data-toggle="dropdown"
                role="button" aria-haspopup="true" aria-expanded="false">
                v 6.1.1 <span class="caret"></span>
              </a>
              <ul class="dropdown-menu">
                <li><a href="//docs.cdap.io/cdap/5.1.2/en/index.html">v 5.1.2</a></li>
                <li><a href="//docs.cdap.io/cdap/4.3.4/en/index.html">v 4.3.4</a></li>
              </ul>
            </div>
          </div>
          <form class="navbar-form navbar-right navbar-search" action="search.html" method="get">
            <div class="form-group">
              <div class="navbar-search-image material-icons"></div>
              <input type="text" name="q" class="form-control" placeholder="  Search" />
            </div>
            <input type="hidden" name="check_keywords" value="yes" />
            <input type="hidden" name="area" value="default" />
          </form>

          <div class="collapse navbar-collapse nav-collapse navbar-right navbar-navigation">
            <ul class="nav navbar-nav"><li class="docsite-nav-tab-container"><a class="docsite-nav-tab-link " href="table-of-contents/../../index.html">简介</a></li><li class="docsite-nav-tab-container"><a class="docsite-nav-tab-link current" href="table-of-contents/../../guides.html">手册</a></li><li class="docsite-nav-tab-container"><a class="docsite-nav-tab-link " href="table-of-contents/../../reference-manual/index.html">参考</a></li><li class="docsite-nav-tab-container"><a class="docsite-nav-tab-link " href="table-of-contents/../../faqs/index.html">帮助</a></li>
            </ul>
          </div>

        </div>
      </div>
    </div>
  </div><!-- block navbar end -->
<!-- block main content -->
<div class="main-container container">
  <div class="row"><div class="col-md-2">
      <div id="sidebar" class="bs-sidenav scrollable-y-outside" role="complementary">
<!-- theme_manual: admin-manual -->
<!-- theme_manual_highlight: guides -->
<!-- sidebar_title_link: table-of-contents/../../guides.html -->

  <div role="note" aria-label="manuals links"><h3><a href="table-of-contents/../../guides.html">Guides</a></h3>

    <ul class="this-page-menu">
      <li class="toctree-l1"><a href="table-of-contents/../../user-guide/index.html" rel="nofollow">用户手册</a>
      </li>
      <li class="toctree-l1"><a href="table-of-contents/../../developer-manual/index.html" rel="nofollow">开发手册</a>
      </li>
      <li class="toctree-l1"><b><a href="table-of-contents/../../admin-manual/index.html" rel="nofollow">管理手册</a></b>
      <nav class="pagenav">
      <ul class="current">
<li class="toctree-l1"><a class="reference internal" href="index.html"> Introduction</a></li>
<li class="toctree-l1"><a class="reference internal" href="cdap-components.html"> CDAP Components</a></li>
<li class="toctree-l1"><a class="reference internal" href="deployment-architectures.html"> Deployment Architectures</a></li>
<li class="toctree-l1"><a class="reference internal" href="hadoop-compatibility.html"> Hadoop Compatibility</a></li>
<li class="toctree-l1"><a class="reference internal" href="cdap-hadoop-compatibility.html"> CDAP and Hadoop Compatibility</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#"> System Requirements</a></li>
<li class="toctree-l1"><a class="reference internal" href="installation/index.html"> Installation</a><ul>
<li class="toctree-l2"><a class="reference internal" href="installation/cloudera.html">Cloudera Manager</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/emr.html">Amazon EMR</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/ambari.html">Apache Ambari</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/mapr.html">MapR</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/azure-hdinsight.html">Microsoft Azure HDInsight</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/packages.html">Packages</a></li>
<li class="toctree-l2"><a class="reference internal" href="installation/replication.html">Replication</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="incompatibilities.html"> Incompatibilities</a></li>
<li class="toctree-l1"><a class="reference internal" href="upgrading/index.html"> Upgrading</a><ul>
<li class="toctree-l2"><a class="reference internal" href="upgrading/cloudera.html">Cloudera Manager</a></li>
<li class="toctree-l2"><a class="reference internal" href="upgrading/ambari.html">Apache Ambari</a></li>
<li class="toctree-l2"><a class="reference internal" href="upgrading/mapr.html">MapR</a></li>
<li class="toctree-l2"><a class="reference internal" href="upgrading/packages.html">Packages</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="security/index.html"> Security</a><ul>
<li class="toctree-l2"><a class="reference internal" href="security/perimeter-security.html">Perimeter Security</a></li>
<li class="toctree-l2"><a class="reference internal" href="security/authorization.html">Authorization</a></li>
<li class="toctree-l2"><a class="reference internal" href="security/impersonation.html">Impersonation</a></li>
<li class="toctree-l2"><a class="reference internal" href="security/system-services.html">Enabling SSL for System Services</a></li>
<li class="toctree-l2"><a class="reference internal" href="security/secure-storage.html">Secure Storage</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="operations/index.html"> Operations</a><ul>
<li class="toctree-l2"><a class="reference internal" href="operations/logging.html"> Logging and Monitoring</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/metrics.html"> Metrics</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/operations-dashboard.html"> Dashboard and Reports</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/preferences.html"> Preferences and Runtime Arguments</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/scaling-instances.html"> Scaling Instances</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/resource-guarantees.html"> Resource Guarantees in YARN</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/tx-maintenance.html"> Transaction Service Maintenance</a></li>
<li class="toctree-l2"><a class="reference internal" href="operations/cdap-ui.html"> CDAP UI</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="appendices/index.html"> Appendices</a><ul>
<li class="toctree-l2"><a class="reference internal" href="appendices/cdap-site.html"> Appendix: cdap-site.xml</a></li>
<li class="toctree-l2"><a class="reference internal" href="appendices/cdap-security.html"> Appendix: cdap-security.xml</a></li>
<li class="toctree-l2"><a class="reference internal" href="appendices/minimal-cdap-site.html"> Appendix: Minimal cdap-site.xml</a></li>
<li class="toctree-l2"><a class="reference internal" href="appendices/hbase-ddl-executor.html"> Appendix: HBaseDDLExecutor</a></li>
</ul>
</li>
</ul>
</nav>
      </li>
      <li class="toctree-l1"><a href="table-of-contents/../../integrations/index.html" rel="nofollow">集成手册</a>
      </li>
      <li class="toctree-l1"><a href="table-of-contents/../../examples-manual/index.html" rel="nofollow">最佳实践</a>
      </li>
    </ul>
  </div></div>
    </div><div class="col-md-8 content" id="main-content">
    
  <div class="section" id="system-requirements">
<span id="admin-manual-system-requirements"></span><h1>System Requirements<a class="headerlink" href="#system-requirements" title="Permalink to this headline">🔗</a></h1>
<p>In this section, we list the specific
<a class="reference internal" href="#admin-manual-hardware-requirements"><span class="std std-ref">hardware</span></a>,
<a class="reference internal" href="#admin-manual-memory-core-requirements"><span class="std std-ref">memory, core</span></a>, and
<a class="reference internal" href="#admin-manual-network-requirements"><span class="std std-ref">network requirements</span></a>, and the
<a class="reference internal" href="#admin-manual-software-requirements"><span class="std std-ref">software prerequisites</span></a>
that need to be met and completed before installation of the CDAP components.</p>
<p>Complete the requirements and instructions below prior to installing the CDAP components.</p>
<div class="section" id="hardware-requirements">
<span id="admin-manual-hardware-requirements"></span><h2>Hardware Requirements<a class="headerlink" href="#hardware-requirements" title="Permalink to this headline">🔗</a></h2>
<p>Systems hosting the <a class="reference internal" href="cdap-components.html#admin-manual-cdap-components"><span class="std std-ref">CDAP components</span></a>
must meet these hardware specifications, in addition to having
<strong>CPUs with a minimum speed of 2 GHz</strong>:</p>
<table border="1" class="docutils">
<colgroup>
<col width="26%" />
<col width="18%" />
<col width="19%" />
<col width="38%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">CDAP Component</th>
<th class="head">Package</th>
<th class="head">Hardware Component</th>
<th class="head">Specifications</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>CDAP Master</td>
<td><code class="docutils literal notranslate"><span class="pre">cdap-master</span></code></td>
<td>RAM</td>
<td>2 GB minimum, 4 GB recommended</td>
</tr>
<tr class="row-odd"><td>CDAP Router</td>
<td><code class="docutils literal notranslate"><span class="pre">cdap-gateway</span></code></td>
<td>RAM</td>
<td>2 GB minimum, 4 GB recommended</td>
</tr>
<tr class="row-even"><td>CDAP UI</td>
<td><code class="docutils literal notranslate"><span class="pre">cdap-ui</span></code></td>
<td>RAM</td>
<td>1 GB minimum, 2 GB recommended</td>
</tr>
<tr class="row-odd"><td rowspan="2">CDAP Kafka</td>
<td><code class="docutils literal notranslate"><span class="pre">cdap-kafka</span></code></td>
<td>RAM</td>
<td>1 GB minimum, 2 GB recommended</td>
</tr>
<tr class="row-even"><td>&#160;</td>
<td>Disk Space</td>
<td><em>CDAP Kafka</em> maintains a data cache in
a configurable data directory.
Required space depends on the number of
CDAP applications deployed and running
in CDAP and the quantity of logs and
metrics that they generate.</td>
</tr>
<tr class="row-odd"><td>CDAP Authentication Server</td>
<td><code class="docutils literal notranslate"><span class="pre">cdap-security</span></code></td>
<td>RAM</td>
<td>1 GB minimum, 2 GB recommended</td>
</tr>
</tbody>
</table>
</div>
<div class="section" id="memory-and-core-requirements">
<span id="admin-manual-memory-core-requirements"></span><h2>Memory and Core Requirements<a class="headerlink" href="#memory-and-core-requirements" title="Permalink to this headline">🔗</a></h2>
<p>Memory and core requirements are governed by two sources: <em>CDAP</em> and <em>YARN</em>.</p>
<p>The <strong>default settings for CDAP</strong> are found in the <a class="reference internal" href="appendices/cdap-site.html#appendix-cdap-default-xml"><span class="std std-ref">cdap-defaults.xml</span></a>, and are overridden in particular instances by the
<a class="reference internal" href="appendices/cdap-site.html#appendix-cdap-site-xml"><span class="std std-ref">cdap-site.xml</span></a> file. These vary with each service and range
from 512 to 1024 MB and from one to two cores.</p>
<p>The <strong>YARN settings will override these</strong>; for instance, the minimum YARN container size is
determined by <code class="docutils literal notranslate"><span class="pre">yarn.scheduler.minimum-allocation-mb</span></code>. The YARN default in Hadoop is 1024
MB, so containers will be allocated with 1024 MB, even if the CDAP settings are for 512 MB.</p>
<p>With these default YARN and CDAP memory settings, just starting CDAP can require having 14
to 16 CPU cores (and a total of 14 to 16 GB of memory) available to YARN.</p>
</div>
<div class="section" id="network-requirements">
<span id="admin-manual-network-requirements"></span><h2>Network Requirements<a class="headerlink" href="#network-requirements" title="Permalink to this headline">🔗</a></h2>
<p>CDAP components communicate over your network with <em>HBase</em>, <em>HDFS</em>, and <em>YARN</em>.
For the best performance, CDAP components should be located on the same LAN,
ideally running at 1 Gbps or faster. A good rule of thumb is to treat CDAP
components as you would <em>Hadoop datanodes</em>.</p>
<p>See the section below (<a class="reference internal" href="#admin-manual-cdap-and-firewalls"><span class="std std-ref">CDAP and Firewalls</span></a>) for information on
configuring CDAP with a firewall and the listening ports that are used.</p>
</div>
<div class="section" id="software-prerequisites">
<span id="admin-manual-software-requirements"></span><h2>Software Prerequisites<a class="headerlink" href="#software-prerequisites" title="Permalink to this headline">🔗</a></h2>
<p>You’ll need this software installed:</p>
<ul class="simple">
<li>A <a class="reference internal" href="#admin-manual-install-java-runtime"><span class="std std-ref">Java runtime</span></a> on each CDAP node and Hadoop datanode.</li>
<li>A Hadoop, HBase, Hive (and optionally Spark) environment to run against.</li>
<li>To use the <strong>ad-hoc querying capabilities of CDAP,</strong> ensure the cluster has a compatible version of
Hive installed. See the section on <a class="reference internal" href="hadoop-compatibility.html#admin-manual-hadoop-compatibility-matrix"><span class="std std-ref">Hadoop Compatibility</span></a>.</li>
<li>If Hive is <strong>not</strong> going to be installed, you will need to disable the CDAP Explore
Service, as by default it is enabled. The installation instructions describe how to configure this.</li>
<li>CDAP nodes require Hadoop and HBase client installation and configuration.
<em>Note:</em> No Hadoop services need actually be running.</li>
<li>We recommend installing an <a class="reference internal" href="#admin-manual-install-ntp"><span class="std std-ref">NTP (Network Time Protocol)</span></a>
daemon on all nodes of the cluster, including those with CDAP components.</li>
</ul>
<div class="section" id="java-runtime">
<span id="admin-manual-install-java-runtime"></span><h3>Java Runtime<a class="headerlink" href="#java-runtime" title="Permalink to this headline">🔗</a></h3>
<p>The latest <a class="reference external" href="http://www.java.com/en/download/manual.jsp">JDK or JRE version 1.8.xx</a>
for Linux, Windows, or Mac OS X must be installed in your environment; we recommend the Oracle JDK.</p>
<p>To check the Java version installed, run the command:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> java -version
</pre></div>
</div>
<p>CDAP is tested with both the <a class="reference external" href="http://www.java.com/en/download/manual.jsp">Oracle JDK</a> and the
<a class="reference external" href="http://openjdk.java.net">Open JDK</a>; it may work with other JDKs but it has not been tested with them.</p>
<p>Once you have installed the JDK, you’ll need to set the JAVA_HOME environment variable.</p>
</div>
<div class="section" id="ntp-network-time-protocol">
<span id="admin-manual-install-ntp"></span><h3>NTP (Network Time Protocol)<a class="headerlink" href="#ntp-network-time-protocol" title="Permalink to this headline">🔗</a></h3>
<ul class="simple">
<li>We recommend installing an NTP (<a class="reference external" href="http://www.ntp.org">Network Time Protocol</a>) daemon
on all nodes of the cluster, including those with CDAP components.</li>
<li>NTP requires that port 123 be open.</li>
<li>If your cluster does not have access to the internet, you can run a local version of NTP
by <a class="reference external" href="http://www.borngeek.com/2008/04/03/using-ntp-on-a-private-network/">setting up a master node as an NTP server</a>.</li>
</ul>
<p><strong>Installing NTP on RPM using Yum</strong></p>
<ol class="arabic">
<li><p class="first">Install the NTP service and dependencies:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo yum install ntp ntpdate ntp-doc
</pre></div>
</div>
</li>
<li><p class="first">Set the service to start at reboot:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo chkconfig ntpd on
</pre></div>
</div>
</li>
<li><p class="first">Start the NTP server. This will continuously adjust the system time from an upstream NTP server:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo /etc/init.d/ntpd start
</pre></div>
</div>
</li>
<li><p class="first">Synchronize the system clock with the <code class="docutils literal notranslate"><span class="pre">0.pool.ntp.org</span></code> server. You should use this command only once:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo ntpdate -u pool.ntp.org
</pre></div>
</div>
</li>
<li><p class="first">Synchronize the hardware clock (to prevent synchronization problems), unless on a virtual server:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo hwclock --systohc
</pre></div>
</div>
</li>
</ol>
<p><strong>Installing NTP on Debian using APT</strong></p>
<ol class="arabic">
<li><p class="first">Install the NTP service and dependencies:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo apt-get install ntp
</pre></div>
</div>
</li>
<li><p class="first">Start the NTP server. This will continuously adjust the system time from an upstream NTP server:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo service ntp start
</pre></div>
</div>
</li>
<li><p class="first">Synchronize the system clock with the <code class="docutils literal notranslate"><span class="pre">0.pool.ntp.org</span></code> server. You should use this command only once:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo ntpdate -u pool.ntp.org
</pre></div>
</div>
</li>
<li><p class="first">Synchronize the hardware clock (to prevent synchronization problems), unless on a virtual server:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> sudo hwclock --systohc
</pre></div>
</div>
</li>
</ol>
<p><strong>NTP Troubleshooting and Configuration</strong></p>
<ul>
<li><p class="first">To check the synchronization:</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> ntpq -p

<span class="go">     remote           refid      st t when poll reach   delay   offset  jitter</span>
<span class="go">==============================================================================</span>
<span class="go">+173.44.32.10    18.26.4.105      2 u    5   64    1   78.786   -0.157   1.966</span>
<span class="go">*66.241.101.63   132.163.4.103    2 u    7   64    1   43.085    2.872   0.409</span>
<span class="go">+services.quadra 198.60.22.240    2 u    6   64    1   21.805    3.040   1.033</span>
<span class="go">-hydrogen.consta 200.98.196.212   2 u    7   64    1  114.250   16.011   0.873</span>
</pre></div>
</div>
</li>
<li><p class="first">If you need to adjust the configuration (add or delete servers, use servers closer to you, etc.):</p>
<div class="highlight-console notranslate"><div class="highlight"><pre><span></span><span class="gp">$</span> vi /etc/ntp.conf
</pre></div>
</div>
</li>
</ul>
</div>
</div>
<div class="section" id="cdap-and-firewalls">
<span id="admin-manual-cdap-and-firewalls"></span><h2>CDAP and Firewalls<a class="headerlink" href="#cdap-and-firewalls" title="Permalink to this headline">🔗</a></h2>
<p>In general, your <a class="reference internal" href="deployment-architectures.html#admin-manual-install-deployment-architectures"><span class="std std-ref">cluster configuration</span></a>
cannot have a firewall between the cluster and CDAP. Instead, if a firewall is used, the
cluster and certain CDAP components need to be together behind the firewall. These are the
ports which can be opened to provide external access:</p>
<p><strong>Listen Ports for External Access</strong></p>
<table border="1" class="docutils">
<colgroup>
<col width="25%" />
<col width="25%" />
<col width="25%" />
<col width="25%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Description</th>
<th class="head">Governing Configuration</th>
<th class="head">Default Value in Packages/MapR</th>
<th class="head">Default Value in Ambari/Cloudera Manager</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>CDAP Router listen port (HTTP RESTful)</td>
<td><code class="docutils literal notranslate"><span class="pre">router.bind.port</span></code></td>
<td>11015</td>
<td>11015</td>
</tr>
<tr class="row-odd"><td>CDAP Router listen port (HTTP RESTful) (SSL)</td>
<td><code class="docutils literal notranslate"><span class="pre">router.ssl.bind.port</span></code></td>
<td>10443</td>
<td>10443</td>
</tr>
<tr class="row-even"><td>CDAP UI listen port</td>
<td><code class="docutils literal notranslate"><span class="pre">dashboard.bind.port</span></code></td>
<td>11011</td>
<td>11011</td>
</tr>
<tr class="row-odd"><td>CDAP UI listen port (SSL)</td>
<td><code class="docutils literal notranslate"><span class="pre">dashboard.ssl.bind.port</span></code></td>
<td>9443</td>
<td>9443</td>
</tr>
<tr class="row-even"><td>CDAP Auth Server listen port</td>
<td><code class="docutils literal notranslate"><span class="pre">security.auth.server.bind.port</span></code></td>
<td>10009</td>
<td>10009</td>
</tr>
<tr class="row-odd"><td>CDAP Auth Server listen port (SSL)</td>
<td><code class="docutils literal notranslate"><span class="pre">security.auth.server.ssl.bind.port</span></code></td>
<td>10010</td>
<td>10010</td>
</tr>
</tbody>
</table>
<p>The exact configuration and ports required will vary depending on your use of firewalls
and your specific configuration. This diagram shows a likely scenario that you could use:</p>
<a class="reference internal image-reference" href="_images/arch_components_view.png"><img alt="_images/arch_components_view.png" class="align-center" src="_images/arch_components_view.png" style="width: 6in;" /></a>
<p>In this diagram, we show the CDAP Router “traversing” the firewall. Note that the CDAP UI
can be completely outside of the firewall, as it needs to talk to clients, the CDAP
Router, and the CDAP Auth Server. These two services (Router and Auth Server) need to be
accessible from the outside to users, but also must be able to connect to nodes within the
cluster. They need unrestricted client access to the cluster with the ability to establish
connections to cluster nodes, on any port that a container may choose to open.</p>
<p>Taking this same picture, if the firewall were moved to the left of the CDAP Router/Auth
Server, then two ports (<code class="docutils literal notranslate"><span class="pre">router.bind.port</span></code>, 11015 and
<code class="docutils literal notranslate"><span class="pre">security.auth.server.bind.port</span></code>, 10009) would need to be opened to allow access by
clients to the hosts running the CDAP Router/Auth Server. There could be another firewall
between the CDAP Router/Auth Server and the cluster, as long as it provides client access
from the CDAP Auth Server to the ZooKeeper nodes. The same is true for the CDAP Router
(access to the Zookeeper nodes), except it also needs unrestricted client access, so it
usually doesn’t make sense to firewall the CDAP Router when essentially you’re allowing
all traffic through.</p>
<p>As your configuration can vary from these descriptions, this information is intended to
guide you in understanding what the different components require in order to successfully
run CDAP rather than provide strict requirements.</p>
</div>
</div>

</div>
    <div class="col-md-2">
      <div id="right-sidebar" class="bs-sidenav scrollable-y" role="complementary">
        <div id="localtoc-scrollspy">
        </div>
      </div>
    </div></div>
</div>
<!-- block main content end -->
<!-- block footer -->
<footer class="footer">
      <div class="container">
        <div class="row">
          <div class="col-md-2 footer-left"><a title="CDAP and Hadoop Compatibility" href="cdap-hadoop-compatibility.html" />Previous</a></div>
          <div class="col-md-8 footer-center"><a class="footer-tab-link" href="table-of-contents/../../reference-manual/licenses/index.html">Copyright</a> &copy; 2014-2020 Cask Data, Inc.&bull; <a class="footer-tab-link" href="//docs.cask.co/cdap/6.1.1/cdap-docs-6.1.1-web.zip" rel="nofollow">Download</a> an archive or
<a class="footer-tab-link" href="//docs.cask.co/cdap">switch the version</a> of the documentation
          </div>
          <div class="col-md-2 footer-right"><a title="Installation" href="installation/index.html" />Next</a></div>
        </div>
      </div>
    </footer>
<!-- block footer end -->
<script type="text/javascript" src="_static/bootstrap-3.3.6/js/bootstrap.min.js"></script><script type="text/javascript" src="_static/js/bootstrap-sphinx.js"></script><script type="text/javascript" src="_static/js/abixTreeList-2.js"></script><script type="text/javascript" src="_static/js/cdap-dynamicscrollspy-4.js"></script><script type="text/javascript" src="_static/js/cdap-version-menu.js"></script><script type="text/javascript" src="_static/js/copy-to-clipboard.js"></script><script type="text/javascript" src="_static/js/jquery.mousewheel.min.js"></script><script type="text/javascript" src="_static/js/jquery.mCustomScrollbar.js"></script><script type="text/javascript" src="_static/js/js.cookie.js"></script><script type="text/javascript" src="_static/js/tabbed-parsed-literal-0.2.js"></script><script type="text/javascript" src="_static/js/cdap-onload-javascript.js"></script><script type="text/javascript" src="_static/js/cdap-version-menu.js"></script>
    <script src="https://cdap.gitee.io/docs/cdap/json-versions.js"/></script>
  </body>
</html>